import subprocess
import json
from mcp.server.fastmcp import FastMCP

mcp = FastMCP("系统漏洞扫描服务")

def run_oscap_scan():
    """执行oscap漏洞扫描"""
    try:
        # 使用OpenSCAP进行系统漏洞扫描
        result = subprocess.check_output(
            "sudo oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard "
            "--results-arf results.xml /usr/share/xml/scap/ssg/content/ssg-opensuse-ds.xml",
            shell=True,
            text=True
        )
        return {
            "status": "success",
            "result": result,
            "report_file": "results.xml"
        }
    except subprocess.CalledProcessError as e:
        return {
            "status": "error",
            "error": str(e),
            "output": e.output
        }

@mcp.tool()
def scan_vulnerabilities() -> dict:
    """执行系统漏洞扫描"""
    return run_oscap_scan()

@mcp.tool()
def get_scan_results() -> dict:
    """获取最近扫描结果"""
    try:
        with open("results.xml", "r") as f:
            return {
                "status": "success",
                "report": f.read()
            }
    except FileNotFoundError:
        return {
            "status": "error",
            "error": "No scan results found"
        }

if __name__ == "__main__":
    mcp.run()